Provably-fair proof
This page reproduces the winner computation from public inputs. You can recompute every step in your browser's DevTools — don't trust our math, verify it.
1. Pre-commit (server_seed_hash)
Published when the draw went live (2026-05-31T19:21:15.664Z).
b788e598703f1492b70227723b3be346bc5c6783d1633eba82e1c1e4465a6d012. Reveal (server_seed)
Revealed after draw (2026-05-31T21:03:19.307Z).
998c8ce3808b492af7fe45fa7c81457c911af30f8aabba7a455c31dcfd1f0c52Hash check: ✓ sha256(server_seed) === published hash
3. Client seed inputs (all sold eggs)
| # | Wallet | Winner? |
|---|---|---|
| 1 | Ano4Dm...chSw | |
| 2 | BsCuxX...F9UY | |
| 3 | 7f8q7a...W1mW | |
| 4 | 4UVZsH...RXQH | |
| 5 | 8bfC4d...gk4B | |
| 6 | 9eXWfv...S3j8 | |
| 7 | 3Q94aQ...msay | |
| 8 | 3JmzWh...J9vP | |
| 9 | HpwH4R...51xh | |
| 10 | AQmp7N...Eatz | |
| 11 | 2wHMMg...HiGw | |
| 12 | HqEtjN...yheB | |
| 13 | 2EAV7A...W7sm | |
| 14 | AMEQq4...cvwL | |
| 15 | D2mrbs...2VPQ | |
| 16 | 9hj7jn...p66e | |
| 17 | 98nEKr...vxCb | |
| 18 | 4vdwQd...KDfW | |
| 19 | GLZh4h...Vamj | 🎉 |
| 20 | 8nRfsK...BicL | |
| 21 | 3YBqQc...qsXu | |
| 22 | B5ywNJ...iHwX | |
| 23 | 43y2Hn...8yuJ | |
| 24 | 2ird6n...86mv | |
| 25 | CoVhCT...D6Cn | |
| 26 | Ghhwya...UsoP | |
| 27 | 5DcAQv...r45E | |
| 28 | 4CSfrx...w9TX | |
| 29 | J17RXt...Wma5 | |
| 30 | 2ABhMj...WC8a |
4. Derived client_seed
client_seed = sha256(sorted by entry_number, joined as "N:wallet" with '|')
5f21757f4143b6241404a54fba6b2ccfce42bf2c6ff941acd9d2e58624f15dcd5. External entropy (Bitcoin block)
Mixed into the HMAC input so the draw depends on a value the operator could not have known when the server seed was committed ( 2026-05-31T19:21:15.664Z). Any Bitcoin block mined after the commit works — we take the tip at draw time.
00000000000000000000e96402eb24ad826c34579a709ce01cf07109268ae5feblock time2026-05-31T20:58:00.000ZCross-check on mempool.space or blockstream.info.
6. Winner computation
HMAC-SHA256(server_seed, "client_seed:lotto_id:source:height:hash"), first 16 hex chars, mod sold_count (30).
hmac = 60371d6e1fb6c79ce633a728c483d5dfc57148f1c9f13bf7dfe07f6955e181e5Computed index: 18 → winning egg: #19
7. Independent verification
Show JS snippet (paste into DevTools)
const seed = "998c8ce3808b492af7fe45fa7c81457c911af30f8aabba7a455c31dcfd1f0c52";
const hashStr = "b788e598703f1492b70227723b3be346bc5c6783d1633eba82e1c1e4465a6d01";
const clientSeed = "5f21757f4143b6241404a54fba6b2ccfce42bf2c6ff941acd9d2e58624f15dcd";
const lottoId = "2f11d929-886c-4bd9-88fc-d13e05972e99";
const sold = 30;
const entropy = "mempool.space:951891:00000000000000000000e96402eb24ad826c34579a709ce01cf07109268ae5fe";
async function run() {
const enc = new TextEncoder();
const seedBytes = enc.encode(seed);
const hashed = await crypto.subtle.digest("SHA-256", seedBytes);
const recomputed = [...new Uint8Array(hashed)]
.map((b) => b.toString(16).padStart(2, "0")).join("");
console.log("hashOk:", recomputed === hashStr);
const key = await crypto.subtle.importKey(
"raw", seedBytes, { name: "HMAC", hash: "SHA-256" }, false, ["sign"]
);
const message = entropy
? clientSeed + ":" + lottoId + ":" + entropy
: clientSeed + ":" + lottoId;
const sig = await crypto.subtle.sign("HMAC", key, enc.encode(message));
const hex = [...new Uint8Array(sig)]
.map((b) => b.toString(16).padStart(2, "0")).join("");
const idx = Number(BigInt("0x" + hex.slice(0, 16)) % BigInt(sold));
console.log("hmac:", hex);
console.log("winnerIndex:", idx);
}
run();